about summary refs log tree commit diff
path: root/modules/nixos/ntfy.nix
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--modules/nixos/ntfy.nix31
1 files changed, 28 insertions, 3 deletions
diff --git a/modules/nixos/ntfy.nix b/modules/nixos/ntfy.nix
index 80b6247..f8510d5 100644
--- a/modules/nixos/ntfy.nix
+++ b/modules/nixos/ntfy.nix
@@ -1,6 +1,7 @@
 {
   config,
   lib,
+  this,
   ...
 }:
 with lib; let
@@ -20,6 +21,22 @@ in {
       type = with types; str;
       default = "ntfy.${config.networking.domain}";
     };
+
+    prometheus = {
+      enable = mkEnableOption "Prometheus exporter." // {default = true;};
+
+      address = mkOption {
+        description = "Address.";
+        type = with types; str;
+        default = this.wireguard.ipv4.address;
+      };
+
+      port = mkOption {
+        description = "Port.";
+        type = with types; port;
+        default = 9289;
+      };
+    };
   };
 
   config = mkIf cfg.enable {
@@ -27,9 +44,14 @@ in {
       enable = true;
       upstreams.ntfy.servers.${config.services.ntfy-sh.settings.listen-http} = {};
       virtualHosts.${cfg.domain} = {
-        locations."/" = {
-          proxyPass = "http://ntfy";
-          proxyWebsockets = true;
+        locations = {
+          "/" = {
+            proxyPass = "http://ntfy";
+            proxyWebsockets = true;
+          };
+          "/metrics".extraConfig = ''
+            deny all;
+          '';
         };
         extraConfig = nginxInternalOnly;
       };
@@ -44,6 +66,9 @@ in {
         behind-proxy = true;
         attachment-cache-dir = "/var/cache/ntfy/attachments";
         auth-file = "/var/lib/ntfy/user.db";
+        enable-metrics = cfg.prometheus.enable;
+        metrics-listen-http = with cfg.prometheus;
+          optionalString cfg.prometheus.enable "${address}:${toString port}";
       };
     };
 

Consider giving Nix/NixOS a try! <3